Course Registration Questions?

Knowledge and Techniques That You Can Apply Today

SEI courses, workshops, and seminars are created and delivered by recognized experts who have practical experience in the disciplines they teach. Our courses feature hands-on tasks and real-world scenarios. In just a matter of days, you’ll be more informed and ready to perform at a higher level.

Professional Development and Workforce Development

Whether you want to learn at your own pace online, experience the networking opportunities of our classroom facilities, or develop your workforce by bringing our instructors on-site, SEI courses give you the tools you need to create and maintain software, systems, and organizations that are efficient, secure, and reliable. Organizations can help their workforce gain competencies in software development, software acquisition, and cybersecurity.

Delivery Modes

Classroom

The SEI has training facilities in its offices in Pittsburgh, Pennsylvania, and Arlington, Virginia.

Delivery Type

Examination

Duration

Acquisition

The challenges and failures of software development and acquisition of software-reliant systems have been well documented. There are many reasons software-reliant acquisitions fail, including unrealistic estimates, overly ambitious requirements, and inadequate software engineering and testing.
This hour-long course is part of a series of...

Risk Assessment & Insider Threat

This seven (7) hour online course provides a thorough understanding of the organizational models for an insider threat program, the necessary components to have an effective program, the key stakeholders who need to be involved in the process, and basic education on the implementation and guidance of the program.
This training is based upon the...

Incident Handling

In today's networked world, it is essential for system and network administrators to understand the fundamental areas and the major issues in computer forensics. Knowledgeable first responders apply good forensic practices to routine administrative procedures and alert verification, and know how routine actions can adversely affect the forensic...

Network & Software Security

Software-reliant systems are acquired, built, deployed, and maintained through a coordinated set of activities referred to as a lifecycle. When implementing software-reliant systems, desired capabilities and performance parameters have historically received much more attention-and funding-than requirements for quality attributes. Yet quality...

Risk Assessment & Insider Threat

The CERT Cybersecurity Leadership Examination objectively assesses the student's understanding of cybersecurity principles that reflect basic awareness and knowledge of cybersecurity within the context of a business organization and from the perspective of organizational leadership.
The examination is administered online. Learners can begin the...

Network & Software Security

The CERT Secure Coding in C and C++ Professional Certificate provides software developers with practical instruction based upon the CERT Secure Coding Standards. The CERT Secure Coding Standards have been curated from the contribution of 1900+ experts for the C and C++ programming language. The CERT Secure Coding team teaches the essentials of...

Network & Software Security

The CERT Secure Coding in Java Professional Certificate provides software developers with practical instruction based upon the CERT Secure Coding Standards. The CERT Secure Coding team teaches the essentials of designing and developing secure software in Java. Completion of this Professional Certificate will enable software developers to increase...

Risk Assessment & Insider Threat

With the rapidly changing nature of cyber threats and high-profile exploitations of vulnerabilities, organizations are recognizing the need to address the systemic analytical challenges of cyber intelligence.
This course presents a non-technical approach to cyber intelligence for organizational managers and decision makers. It explains the...

Software Architecture

Software architecture has become a widely accepted conceptual basis for the development of nontrivial software in all application areas and by organizations of all sizes. However, the treatment of architecture to date has largely concentrated on its design and, to a lesser extent, its validation. Effectively documenting an architecture is as...

Software Architecture

To ensure continued excellence in software architecture practices, the SEI objectively validates a student's understanding of software architecture before students are eligible to receive professional certificates in software architecture or become certified to lead SEI Authorized ATAM evaluations. This includes understanding of enterprise,...

Risk Assessment & Insider Threat

This one hour course provides a basic understanding of insider threats within an organization and what employees should be aware of in their responsibilities to protect an organization's critical assets. This course explains how your work can be affected and how you can be targeted by Insider Threats.
This training is based upon the research of...

Risk Assessment & Insider Threat

To ensure continued excellence in Insider Threat program development, implementation, and operation, the SEI objectively validates the student's understanding and eligibility to receive the Insider Threat Program Manager (ITPM) Certificate. The certificate exam evaluates the student's comprehension of insider threat planning, identification and...

Software Architecture

Technical debt occurs when a design or construction approach is taken that is expedient in the short term, but increases complexity and cost in the long term. In the course Managing Technical Debt of Software, the concept of technical debt is examined from multiple perspectives, including how it manifests, accumulates, and impacts the enterprise....

Software Architecture

Modeling and validating quality attributes for real-time, embedded systems is often done with low-fidelity software models and disjointed architectural specifications by various engineers using their own specialized notations. These models are typically not maintained or analyzed throughout the lifecycle, making it difficult to predict the impact...

Risk Assessment & Insider Threat

This three (3) hour online course provides a thorough understanding of insider threat terminology, identifies different types of insider threats, teaches how to recognize both technical and behavioral indicators and outlines mitigation strategies.
This instruction is based upon the research of the CERT National Insider Threat Center (NITC) of the...

Network & Software Security

This 4.5 hour virtual, asynchronous course is designed for managers, developers and operational teams to offer a comprehensive training on DevOps principles and process, and to identify techniques for project planning, development, and deployment from start to finish. Specifically, this course will expose attendees to reference architectures and...

Software Architecture

Although the term software architecture is used frequently in today's software industry, its meaning is not universally understood. In this course we answer these questions
What is software architecture?
How do you use software architectures in practice?
What does a software architect do for an organization?
What value does software architecture...

Software Product Lines

A software product line is a set of software-reliant systems that
share a common, managed set of features satisfying a particular market
or mission area, and are built from a common set of core assets in a
prescribed way. Producing a set of related products as a product line
has allowed organizations to achieve increased quality and...

AcquisitionRisk Assessment & Insider Threat

This online course introduces risk management concepts and explains the 20 key drivers that compose the SEI risk-based method for assessing complex projects, the Mission Diagnostic Protocol. This course explains what these drivers are and how the assessment of a program using the drivers creates a profile of a program's chances of success.
This...

2.5Network & Software Security

DevOps is a set of software development principles that emphasize collaboration, communication, and automation among all stakeholders, including IT operations, testers, developers, customers, and security personnel at the inception of a project. A variety of tools help stakeholders collaborate and communicate. Automation is a greater challenge....

4Network & Software Security

This four-day course is designed to provide participants with practical techniques for protecting the security of an organization's information assets and resources, beginning with concepts and proceeding on to technical implementations.
The course provides a technical foundation for working with TCP/IP security and cryptography. The course...

4Network & Software Security

This four day hands-on course is designed to increase the knowledge and skills of technical staff charged with administering and securing information systems and networks. Cybersecurity topics such as network monitoring, intrusion detection and response, digital forensics, and threat hunting will offer a comprehensive defense-in-depth experience....

4Network & Software Security

Producing secure programs requires secure designs. However, even the best designs can lead to insecure programs if developers are unaware of the many security pitfalls inherent in C and C++ programming. This four-day course provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to code...

4Network & Software Security

Producing secure programs requires secure designs. However, even the best designs can lead to insecure programs if developers are unaware of the many security pitfalls inherent in Java programming. This four-day course provides a detailed explanation of common programming errors in Java and describes how these errors can lead to code that is...

2Incident Handling

This two-day course provides an overview of security operations structures, functions, and activities. It describes general good practices and processes for effective and resilient operations. The course discusses how to effectively manage and operate a security operations center and provide a framework to mature the operations over time. The...

4Incident Handling

This four-day course provides foundational knowledge for those in security-related roles who need to understand the functions of an incident management capability and how best to perform those functions. It is recommended for those new to incident handling or security operations work.
The course provides an introduction to the basic concepts and...

1Incident Handling

This tutorial introduces the basic skills necessary to be an effective cyber analyst. The central focus is analytical acumen, or "how to think."
Practical application of portions of the analytic process will be interspersed throughout the presentation, building around a scenario of a company at risk while conducting IT business...

Software Architecture

The AADL in Practice Workshop combines AADL training and an AADL modeling workshop to provide practical knowledge as well as an opportunity to practice skills in a realistic setting. This Workshop will transfer expertise to participants through an effective combination of training and mentoring during practice. Organizations seeking to increase...

2Software Architecture

Most complex software systems must be modifiable and perform well. They might also need to be secure, interoperable, portable, and reliable. But
What precisely do quality attributes such as modifiability, security, performance, and reliability mean?
Can a system be analyzed to determine whether it has certain desired qualities?
How soon can such...

2Software Architecture

In modern service-based solutions, services are developed and deployed as microservices. Microservice development involves countless technology and design choices, including industry standards, frameworks, design patterns, integration approaches, middleware products, and tools. And it is a moving landscape-new ideas and products for services and...

1Software Architecture

From a buzzword in the early 2000s, service-oriented architecture (SOA) has evolved into an established paradigm for developing distributed software systems. But SOA today has a different face. Microservices, API gateways, REST constraints, and event-driven messaging are just some of the design concepts that developers of modern service-based...

2Software Architecture

Software architecture has become a widely accepted conceptual basis for the development of nontrivial software in all application areas and by organizations of all sizes. However, the treatment of architecture to date has largely concentrated on its design and, to a lesser extent, its validation. Effectively documenting an architecture is as...

1Software Architecture

Technical debt occurs when a design or construction approach is taken that's expedient in the short term, but increases complexity and cost in the long term. In the course Managing Technical Debt of Software, the concept of technical debt is examined from multiple perspectives, including how it manifests, accumulates, and impacts the software...

4Software Architecture

Modeling and validating of quality attributes for real-time, embedded systems is often done with low-fidelity software models and disjointed architectural specifications by various engineers using their own specialized notations. These models are typically not maintained or documented throughout the life cycle, making it difficult to predict the...

2Software Architecture

A system's software architecture is widely regarded as one of the most important software artifacts. Software professionals routinely make decisions that impact that architecture, yet many times that impact is not fully considered or well understood.
Which design decisions will lead to a software architecture that successfully addresses the...

2Software Architecture

Although the term software architecture is used frequently in today's software industry, its meaning is not universally understood.
What is software architecture?
How do you use software architectures in practice?
What does a software architect do for an organization?
What value does software architecture provide?
This course introduces the...

Risk Assessment & Insider Threat

This course examines the dynamic intersection of business and technology over the course of an immersive 2-days. Targeted towards today's business executive, the courseware explores the pressing reality that cybersecurity is a business imperative and an enterprise-wide risk that spans all operations. The course provides background and context...

3Risk Assessment & Insider Threat

This 3-day classroom course presents strategies for collecting and analyzing data to prevent, detect, and respond to insider activity. It discusses various techniques and methods for designing, implementing, and measuring the effectiveness of various components of an insider threat data collection and analysis capability.
This training is based...

3Risk Assessment & Insider Threat

This three-day, instructor-led, classroom-based course presents strategies for measuring and evaluating an operational insider threat program within an organization. Using scenario-based exercises, this course takes participants through the steps to conduct an insider threat program evaluation. This training is for insider threat program managers,...

Risk Assessment & Insider Threat

Students who wish to purchase the certificate program package (two eLearning courses, classroom course, certificate exam) will receive a discount from the total cost. The program packages correspond with scheduled classroom course dates, so select the program package that best meets your scheduling needs.
The Insider Threat Program Evaluator...

Risk Assessment & Insider Threat

To insure the ability of a candidate evaluator to reduce exposure to insider risk and to strengthen insider threat programs within organizations, the Insider Threat Program Evaluator (ITPE) Certificate Examination evaluates a candidate evaluator's comprehension of the CERT insider threat program evaluation methodology.
The Insider Threat Program...

Risk Assessment & Insider Threat

Students who wish to purchase the certificate program package (two eLearning courses, classroom course, certificate exam) will receive a discount from the total cost. The program packages correspond with scheduled classroom course dates, so select the program package that best meets your scheduling needs.
The Insider Threat Program Manager...

3Risk Assessment & Insider Threat

This three day course builds upon the initial concepts presented in the prerequisite courses Overview of Insider Threat Concepts and Activities and Building an Insider Threat Program. The course presents a process roadmap that can be followed to build the various parts of a robust Insider Threat Program. It discusses various techniques and methods...

Risk Assessment & Insider Threat

Students who wish to purchase the certificate program package (two eLearning courses, classroom course, certificate exam) will receive a discount from the total cost. The program packages correspond with scheduled classroom course dates, so select the program package that best meets your scheduling needs.
The Insider Threat Program Manager...

3Risk Assessment & Insider Threat

This 3-day course develops the skills and competencies necessary to perform an insider threat vulnerability assessment of an organization.
This training is based upon the research of the CERT Insider Threat Center of the Software Engineering Institute. The CERT Insider Threat Center has been researching the insider threat problem since 2001 in...

1Measurement & AnalysisRisk Assessment & Insider Threat

It is critical to measure the right things in order to make informed management decisions, take the appropriate actions, and change behaviors. But how do managers figure out what those right things are? Public and private organizations today often base cyber risk management decisions on fear, uncertainty, and doubt (FUD) and the latest attack;...

2Risk Assessment & Insider Threat

Organizations need an adaptable and agile process that allow executives to have a real-time view of cyber risks. To address this challenge, the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) process has been assisting organizations to assess their technical risks for the better part of two decades, and the SEI has...

2AcquisitionRisk Assessment & Insider Threat

Although most programs and organizations implement some type of risk management approach, preventable failures continue to occur. Many of these approaches tend to be bureaucratic and time-intensive, which can consume valuable program resources. Most programs would benefit by improving, or in some cases replacing, their current risk management...

2Risk Assessment & Insider Threat

This two-day course introduces the NIST Risk Management Framework (RMF) process for system assessment and authorization. The RMF is the cybersecurity framework mandated for Federal Government departments and agencies, including the U.S. Department of Defense (DoD). Like other NIST guidance, the RMF is also used by organizations outside of the...

2Acquisition

This 1-2 day live-delivery tutorial enables attendees to understand basic Agile concepts that developers use, but primarily focuses on introducing the interactions that government program offices can and should have with developers (either organic or contracted) who are using Agile methods to develop government systems. A combination of lecture,...

3Acquisition

This 3 day live-delivery course enables attendees to understand basic Agile and lean concepts that developers use, but primarily focuses on introducing the interactions that government program offices can and should have with developers (either organic or contracted) who are using Agile team methods and the Scaled Agile Framework scaling approach...

4Incident Handling

This four-day course, designed for computer security incident response team (CSIRT) and security operations center (SOC) technical personnel with several months of incident handling experience, addresses techniques for detecting and responding to current and emerging computer security threats and attacks.
Building on the methods and tools...

1Incident Handling

This one-day course is designed for managers and project leaders who have been tasked with implementing a computer security incident response team (CSIRT). This course provides a high-level overview of the key issues and decisions that must be addressed in establishing a CSIRT. As part of the course, attendees will develop an action plan that can...

3Incident Handling

This three-day course provides current and future managers of computer security incident response teams (CSIRTs) with a pragmatic view of the issues that they will face in operating an effective team.
The course provides insight into the work that CSIRT staff may be expected to handle. The course also provides prospective or current managers with...

1Network & Software Security

Through the SQUARE project, CERT researchers have developed an end-to-end process for security requirements engineering to help organizations build security into the early stages of the production life cycle. The SQUARE methodology consists of nine steps that generate a final deliverable of categorized and prioritized security requirements. This...

1Network & Software Security

This workshop is focused on four critical software assurance areas: security requirements, software supply chain assurance, mission thread analysis, and measurement. The purpose of this course is to expose managers, engineers, and acquirers to concepts and resources available now for their use to address software security assurance across the...

2Acquisition

When adopting new governance practices, leaders often find mismatches between assumptions and the realities within their organizations. This 2-day workshop leverages the SEI Readiness and Fit Analysis (RFA) technique to help people involved in systems of systems from all levels of the enterprise-senior leaders, policy makers, program managers,...

0.5Acquisition

This 2-4 hour tutorial is designed for a small group of senior executives in a program or enterprise who are contemplating or are already in progress with adoption of Agile approaches in the organization within their purview. The tutorial includes the opportunity for discussion about practical application of concepts at the executive...

1Incident Handling

This one-day course provides a consolidated view of information that is contained in two other CERT courses: Creating a CSIRT and Managing CSIRTs. Its main purpose is to highlight best practices in planning, implementing, operating, and evaluating a computer security incident response team (CSIRT).
The course will explore the relationship between...

1Measurement & Analysis

This one-day facilitated workshop provides hands-on coaching in the implementation of the tools and techniques from the "Analyze" phase of the Define-Measure-Analyze-Improve-Control (DMAIC) Six Sigma business improvement methodology - as taught in the SEI Improving Process Performance Using Six Sigma course. This workshop is intended to be a...

1Measurement & Analysis

This one-day facilitated workshop provides hands-on coaching in the implementation of the tools and techniques from the "Control" phase of the Define-Measure-Analyze-Improve-Control (DMAIC) Six Sigma business improvement methodology, as taught in the SEI Improving Process Performance Using Six Sigma course. This just-in-time workshop helps to...

1Measurement & Analysis

This one-day facilitated workshop provides hands-on coaching in the implementation of the tools and techniques from the "Define" phase of the Define-Measure-Analyze-Improve-Control (DMAIC) Six Sigma business improvement methodology, as taught in the SEI Improving Process Performance Using Six Sigma course. This just-in-time workshop will help you...

1Measurement & Analysis

This one-day facilitated workshop provides hands-on coaching in the implementation of the tools and techniques from the "Improve" phase of the Define-Measure-Analyze-Improve-Control (DMAIC) Six Sigma business improvement methodology, as taught in the SEI Improving Process Performance Using Six Sigma course. This just-in-time workshop helps to...

1Measurement & Analysis

This one-day facilitated workshop provides hands-on coaching in the implementation of the tools and techniques from the "Measure" phase of the Define-Measure-Analyze-Improve-Control (DMAIC) Six Sigma business improvement methodology, as taught in the SEI Improving Process Performance Using Six Sigma course. This just-in-time workshop will help to...

1Network & Software Security

This one-day course is designed for managers and project leaders who are trying to respond to vulnerabilities reported in their products. This course will provide a high-level overview of the key issues, processes, and decisions that must be made to build your organization's vulnerability response capability. As part of the course, attendees will...

Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials. For more information about SEI training courses, see Registration Terms and Conditions and Confidentiality of Course Records.